Search results

  1. H

    ZFS 2.2.0 Released: ID mapping of unprivileged containers during mount

    Incus (LXD) 6.0 is using the vfs idmapping now. so it should be possible to implement in proxmox as well...
  2. H

    ZFS 2.2.0 Released: ID mapping of unprivileged containers during mount

    I am not really sure if LXC 5.0.2 (or even latest 5.0.3) can already make use of this new feature that is available in ZFS 2.2.0. I guess that would be a pre-requisite for proxmox to be able to use it. But i cannot really find any info regarding this. But LXC can use some additional layer called...
  3. H

    ZFS 2.2.0 Released: ID mapping of unprivileged containers during mount

    One thing is to include new version of ZFS to deb repository. Other thing is to actualy actively leverage new features in Proxmox UI. Proxmox developers have been bringing the cool ZFS stuff to us in the past, so probably this will come as well. But obviously, the task is not as trivial as...
  4. H

    ZFS 2.2.0 Released: ID mapping of unprivileged containers during mount

    Also alternatively there is something called shiftfs, which does similar thing on non-ZFS filesystems and seems to be slowly preparing it's way to the upstream... https://discuss.linuxcontainers.org/t/trying-out-shiftfs/5155 https://github.com/toby63/shiftfs-dkms
  5. H

    ZFS 2.2.0 Released: ID mapping of unprivileged containers during mount

    https://github.com/openzfs/zfs/releases/tag/zfs-2.2.0 OpenZFS 2.2.0 - Lists following new features: Linux container support (#12209, #14070, #14097, #12263) - Added support for Linux-specific container interfaces such as renameat(2), support for overlayfs, idmapped mounts in a user namespace...
  6. H

    util-linux v2.39 release has support for id-mapping

    Well. Debian has ZFS 2.0.3, while Proxmox has ZFS 2.1.9. Where There Is a Will, There Is a Way :-)
  7. H

    util-linux v2.39 release has support for id-mapping

    util-linux v2.39 release has support for id-mapping https://lwn.net/ml/linux-kernel/20230517112242.3rubpxvxhzsc4kt2@ws.net.home/ This might help to switch between privileged/unprivileged CT mode without having to rewrite all UIDs/GIDs in the root filesystem. I hope proxmox will make use of this...
  8. H

    VM templates? ISO repository?

    Hello, there is already user-friendly system for downloading and deployment of CT templates. Why don't we have such thing for VMs as well? I can imagine two levels of this. 1.) Some list of commonly used ISOs that proxmox would allow me to dowload without having to lookup the URL. (eg. Debian...
  9. H

    can core_pattern be modified from privileged CT?

    i've just found this: https://pwning.systems/posts/escaping-containers-for-fun/ They simply set /proc/sys/kernel/core_pattern to execute user provided binary in host context by triggering coredump inside of privileged docker container. Can this be done with privileged CTs on proxmox? Or is...
  10. H

    LXC loadavg

    I never had any issue with it.
  11. H

    LXD 4.20 supports live migration of LXC containers

    https://discuss.linuxcontainers.org/t/lxd-4-20-has-been-released/12540 LXD now has live migration. Perhaps recently the CRIUgenic technology has advanced a bit and Proxmox can start looking into this as well?
  12. H

    Feature request: VM replication over Syncthing

    Syncthing is really cool, but i don't think this usecase would be currently supported by syncthing. These are my concerns: 1.) File permissions, extended attributes and other advanced metadata might not fully sync 2.) Syncthing can only write files under single user/owner. 3.) Syncing database...
  13. H

    Can you please add UKSM into kernel?

    Anyway, i went ahead and suggested this in pve bugzilla: https://bugzilla.proxmox.com/show_bug.cgi?id=3637
  14. H

    Can you please add UKSM into kernel?

    There is still some discussion about mainlining this: https://github.com/dolohow/uksm/issues/41#issuecomment-926282376 I think this might need fulltime developer for one or two months to get into upstream. But still might be well worth it for all the large scale PVE/LXC deployments out there...
  15. H

    Recursive Mount

    Recursive bind mount would make lot of sense IMO. Please raise a feature request at https://bugzilla.proxmox.com/
  16. H

    PVE LXC Swap is incredibly suboptimal, causes freezing

    even with cgroupv2 enabled? this swap=mem+swap thing is absolutely messing with my setups for years... And this whole time i have very hard time defending this behaviour in our company. I like Proxmox very much, but people keep pushing Hyper-V and i will probably die inside little bit if i will...
  17. H

    PVE LXC Swap is incredibly suboptimal, causes freezing

    Recently there was release of PVE 6.4 with improved cgroupv2 support, i wonder if that means that swap limit now works properly and independently from ram limit.
  18. H

    Proxmox VE 6.4 available

    Thank you for great work guys, really hope you will keep going on! Changelog mentions "Improved cgroup v2 (control group) handling.". Can i ask what exactly was improved? Would it be safe to start phasing this to the production servers now?
  19. H

    Linux 5.12 - ID Maping for Unprivileged CTs!

    OK I've created ticket in bugzilla: https://bugzilla.proxmox.com/show_bug.cgi?id=3397 BTW can't really think about any downsides/drawbacks of using this for LXC. Do you have any?
  20. H

    Linux 5.12 - ID Maping for Unprivileged CTs!

    https://kernelnewbies.org/Linux_5.12#ID_mapping_in_mounts They just released Linux 5.12, which can remap UIDs/GIDs of mountpoints. This is absolutely awesome feature which would mean that we don't really need to backup/restore or otherwise convert CT's filesystem when switching containers...

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!